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REMARKS 

Claims 1-U are pending. 

In the present OflBce Action, claims J-1 1 stand rejected under 35 U.S.C. § 103(a) 
as being unpatentable over U.S. Patent No. 6,338,138 (hereinafter **RaducheI"), in view 
of U.S. Patent No. 6,122,741 (hereinafter "Patterson"). Applicant submits each of the 
pending claims recite features neither taught nor suggested by the cited art, either singly 
or in combination. Accordingly. Applicant trave«cs the above rejections and requests 
reconsideration. 

Pending claim 1 recites a system for authenticating a PIN code of a user in an 
interactive infonnation system in order to run an application, the system comprising: 

"an input device for entering a PIN code of a user; 
a security manager configured to: 

receive a request for user authentication fix)m the application; 
compare a received PIN code of the user with a registered PIN code, in 

response to said request; 
supply information to the application about PIN code entering key- 
pressing operations by the user, wherein the entered PIN code is not 
supplied to the application; and 
give authorization to run said application if the PIN code of the user 
matches the registered PIN code; 
wherein the application is configured to present a PIN entry field, wherein crypted 
information conesponding to said infonnation about PIN code entering 
key-pressing operations received fiom the security manager is displayed in 
the PIN entry field." 

It is first noted that the presently claimed invention and the cited art are generally 
directed to different ends. The presently claimed invention is generally directed to a 
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system and method for authenticating a user's PIN in order to run an application. In 
contrast, Raduchel is directed to a network based logon procedure whereby a user may 
logon to a local computer. 

In the above recitation there is a dirwt relationship between a particular 
appUcation and authorization to run ttie particular application. It is noted that the recited 
request for user authentication is supplied "from the applic«ri»t, " Hie authorization signal 
is then given '-to gai<j application" to ' Vun said ap plicatirvn " m contrast, Raduchel 
discloses a browser/applet receives a user's login infoimation and conveys that login 
information to a remote authentication manager. For example, Raduchel discloses: 

♦'Methods and systems consistent with the present invention are 
descnbed in greater detail with reference to FIG. 2, which depicts a 
flowchart of the steps perfoimed at start-up time of local computer 101 
When the local computer is initially started, a small portion of the 
operating system is loaded (step 202). In this step, the minimum code 
necessary to run authentication is loaded, including VM 1 17 as well as 
the ramimum components of ihe operating system necessary to load 
Mid run a web browser; it does not include a command interpreter or 
file capabihties. Next, the browser is loaded and run (step 204) As 
shown m FIG. 3, when running the browser, the user is initially 
presented wth a screen 300 having a login dialog box 302 into which 
Uie user can enter their usemame and password. This screen is 
displayed by an applet, stored with the browser, that performs 
authentication by communicating with the authentication manager. In 
an alternative embodiment, the user entere a user name and is 
prompted with a challenge number which is entered into a digital 
tokai card and the resulting passwoid is entered into the system In 
another alternative embodiment, the local computer includes a • 
sraartcard reader and the user inserts a smartcard into the reader 
However received, the authentication information, including the 
usemame and password, is sent by the browser to the authentication 
manager using the well-known HyperText Transfer Protocol (HTTPS) 
and using the well-known Secure Socket Layer (step 206)." (Raduchel' 
col. 4, line 58 - col. 5, line 16). 



In addition to the above, Raduchel discloses: 
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"Returning to FIG. 2, the local computer receives the authentication 
results from the authentication manager and determines if the u$er was 
authenticated (step 208). If authentication fails ... the user is allowed 
only to perfoim actions considered non-invasive, such as sending and 
receivmg e-mail, viewing pubUcly available, non-proprietary web 
pages via the browser, or viewing on-line calendars. However if 
authentication is successful, the user may use all of the avail^le 
services of the local computer 

If authentication fails, the browser provides the user with restricted 
access to the local computer (step 210). In this step, the browser 
displays icons representative of the services that the user may use as 
indicated in the token received from the authentication manager For 
example, FIG. 5 depicts the browser screen 300 with three icons- icon 
502, allowing the user to access an e-mail system; icon 504, allowing 
Ae user to use a time management program; and icon 506, allowing 
the user to browse various web pages on the Internet Upon selecting 
one of the icons 502-506 for the first time, the browser sends a request 
tQ. , the authentication manager for tha ap pronriate sprvi^f. «J ^^^^ and 
the authentication manager downloads it to the browser so that the user 
may use the corresponding service. Subsequent selections of the icon 
do not cause a download of the service applet; instead, recognizing 
that a copy has akeady been downloaded, the browser merely invokes 
that copy." (Raduchel. coj. 5. lines 32-62). (emphasis added). 

From the above, it can be seen that Raduchel discloses the browser receives and 
sends the authentication infoimation to the authentication manager. The authentication 
manager then returns a token to the local computer which indicates success or failure. If a 
failure is indicated, some subset of services of the local computer may be indicated by the 
token as authorized/usable by the user. Accordingly, there is no direct relationship 
between an application and authorization to run the application as recited. As noted above, 
the claims recites a direct relationship between a particular application and authorization' 
to nm as particular application. Further, the request for user authentication is supplied 
"from flie application" (i.e., the application the user desire to nm). Finally, the 
authorization signal is then given -to said application" to '" run said annlic.finn " These 
features are not disclosed by the cited art, either singly or in combination. For at least 
these reasons, each of the independent claims are patentably distinguishable from the cited 
art and a prima facie case of obviousness has not been established. 
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In addition to the above, the cited art does not disclose a security manager 
configured to "supply information to the application about PIN code entering key- 
pressing operations by the user, wherein the entered PIN code is not supplied to the 
application." First, as discussed above, Raduchel does not disclose the security manager 
supplying the information to "said" appUcation as recited. Second. R^uchel includes no 
teaching or suggestion of a security manager supplying information concerning PIN code 
key-pressing operations to the application without the PIN code being supplied to the 
application. These features are nowhere found in the cited ait. Column 5. lines 17-35 are 
cited as disclosing these features. However, this disclosure of Raduchel merely states: 

;The authentication manager receives the log-in information and uses 
It to authenticate the user, as shown in FIG. 4. Although various 
embodiments of the authentication manager may vary and could be 
configurable, m one implementation, the authentication manager 
request containing a user name and password (step 
402 in FIG. 4). After receiving this information, the authentication 
manager authenticates the user by accessing the authentication file to 
determine if the user name and password are contained in it (step 404) 
and returns a token that identifies the services that the user may use 
(step 406). Additionally, this token may contain a profile of the user's 
access rights, and when the token is returned to the local computer it 
would be racluded in all further requests from the local computer 
Reniming to FIG. 2, the local computer receives the authenticaHon 
results from the authentication manager and determines if the user was 
authenticated (step 208)." (Raduchel, col. 5, lines 17-34). 

Clearly, the above disclosure does not describe a security manager supplying 
information concerning key-pressing operations to the application. Rather, the remote 
authentication manager receives the complete authentication infonnation from the local 
computer, perfonns an authentication check, and returns a result to the local computer. 
Further, there is no disclosure of providing such key-pressing information without 
providing the PIN code. Therefore, for at least these additional reasons, each of the 
independent claims are patentably distinct from the cited art. 
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Still further, claim I recites the additional features wherein "the application is 
configured to present a PIN entry field." In other words, the ^plication for which the user 
seeks authorization to run presents the PIN entry field. As already discussed above, the 
cited art does not disclose M application in the manner recited Accordingly, these features 
are not disclosed by the cited art 

Finally, as each of the dependent claims includes the features of the independent 
claims upon which they depend, the dependent claim are patentable for at least the reasons 
given above. 

In addition to the above. Applicant notes that neither claim 5 nor claim 6 are 
addressed in the present oflSce action. 

Applicant believes the application to be in condition for allowance. However, 
should the examiner believe issues remain which would prevent the present application 
from proceeding to allowance, the below signed representative requests a telephone 
interview to facilitate a more speedy resolution. 
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CONCLUSION 

Applicant submits the application is in condition for allowance, and an early 
notice to that effect is requested. 

If any fees are due. the Commissioner is authorized to charge said fees to 
Meyertons. Hood, Kivlin. Kowert, & GoetzeJ, P.C. Deposit Account No. 501505/5266- 
09100/RDR. 

IS A Return Post Card 



Meyertons, Hood, Kivlin, 

Kowert, & Goetzel, P.C. 
P.O. Box 398 
Austin, TX 78767-0398 
Phone: (512) 853-8800 

Date: June 20. 2006 
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